Parent class: Malware
Malicious tools are malicious programs designed to automatically create viruses, worms, or Trojans, conduct DoS attacks on remote servers, hack other computers, etc. Unlike viruses, worms, and Trojans, malware in this subclass does not present a direct threat to the computer it runs on, and the program’s malicious payload is only delivered on the direct order of the user.Read more
Class: Exploit
Exploits are programs that contain data or executable code which take advantage of one or more vulnerabilities in software running on a local or remote computer for clearly malicious purposes. Often, malicious users employ an exploit to penetrate a victim computer in order to subsequently install malicious code (for example, to infect all visitors to a compromised website with a malicious program). Additionally, exploits are commonly used by Net-Worms in order to hack a victim computer without any action being required from the user. Nuker programs are notable among exploits; such programs send specially crafted requests to local or remote computers, causing the system to crash.Read more
Platform: HTML
Hypertext Markup Language (HTML) is the standard markup language for documents interpreted by web browsers. Markup of most web pages and web applications is written in HTML or XHTML.Description
Technical Details
The suspicious message "Exploit.CodeBaseExec" means that HTML page being scanned contains code exploiting the Microsoft Internet Explorer Arbitrary Program Execution Vulnerability, aka the Local Executable Invocation via Object tag vulnerability.
Microsoft Internet Explorer 5.01, 5.5 and 6.0 treat objects invoked on an HTML page with the codebase property as part of the Local Computer zone, which allows remote attacks to invoke executables present on the local system through objects such as the popup object.
Vulnerability IDs:
bugtraq id: 3867
cve: CAN-2002-0077
More information on this vulnerability can be found at the following links:
http://www.microsoft.com/technet/security/bulletin/ms02-015.asp?frame=true#CVE-CAN-2002-007
http://online.securityfocus.com/cgi-bin/vulns-item.pl?section=info&id=3867
Microsoft released a patch on March 28, 2002 that eliminates this vulnerability in Internet Explorer. To download this patch go to the following link: http://www.microsoft.com/windows/ie/downloads/critical/Q319182/default.asp
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com